Sanitise notification HTML
Qt labels support a HTML subset, using a completely internal parser in
The Notification spec support an even smaller subset of notification
It's important to strip out irrelevant tags that could potentially load
remote information without user interaction, such as img
src or even <b style="background:url...
But we want to maintain the basic rich text formatting of bold and
italics and links.
This parser iterates reads the XML, copying only permissable tags and
A future obvious improvement would be to merge the original regular
expressions into this stream parser, but I'm trying to minimise
breakages to get this into 5.12.
Moved code into it's own class for easy unit testing
Tried a bunch of things, including what the old regexes were doing
Also ran notify send with a few options to make sure things worked
Reviewers: Plasma, fvogt
Reviewed By: fvogt
Subscribers: aacid, fvogt, plasma-devel
Differential Revision: https://phabricator.kde.org/D10188